Added
- GitHub Action now exposes `--usage`, `--only-used`, `--sarif`, and `--no-cache` inputs. The `no-cache` input defaults to `true` in CI since runners are ephemeral.
- `--sarif` flag writes a SARIF 2.1.0 file to the current directory for upload to GitHub Code Scanning. One result per CVE, rules deduplicated, severity mapped to SARIF levels.
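The SARIF shape described above, sketched as an added example; this is not the project's own code. The finding fields, the severity-to-level mapping, the `example-scanner` tool name and the `package.json` location are all assumptions.

```javascript
// Constructed sample findings (placeholder CVE ids and package names).
const SAMPLE_FINDINGS = [
  { cve: "CVE-0000-0001", pkg: "example-a", version: "1.0.0", severity: "critical", summary: "Constructed sample A" },
  { cve: "CVE-0000-0002", pkg: "example-b", version: "2.3.1", severity: "moderate", summary: "Constructed sample B" },
  // Same CVE reported for a second package: must not add a second rule or result.
  { cve: "CVE-0000-0001", pkg: "example-c", version: "0.9.0", severity: "critical", summary: "Constructed sample A" },
  { cve: "CVE-0000-0003", pkg: "example-d", version: "4.0.0", severity: "unknown", summary: "Constructed sample C" },
];

// Assumed mapping. SARIF 2.1.0 permits only: none, note, warning, error.
// A Map avoids prototype-key surprises such as a severity of "constructor".
const LEVELS = new Map([
  ["critical", "error"], ["high", "error"],
  ["moderate", "warning"], ["medium", "warning"],
  ["low", "note"],
]);

function toSarifLevel(severity) {
  // Unrecognised severities fall back to "warning" so the finding stays visible.
  return LEVELS.get(String(severity).toLowerCase()) || "warning";
}

function buildSarif(findings, manifestUri = "package.json") {
  const rules = new Map();   // CVE id -> rule object
  const results = new Map(); // CVE id -> result object
  for (const f of findings) {
    if (!rules.has(f.cve)) {
      rules.set(f.cve, { id: f.cve, shortDescription: { text: f.summary } });
      results.set(f.cve, {
        ruleId: f.cve,
        level: toSarifLevel(f.severity),
        message: { text: `${f.cve} affects ${f.pkg}@${f.version}` },
        locations: [{ physicalLocation: { artifactLocation: { uri: manifestUri } } }],
      });
    } else {
      // Repeat of a known CVE: extend the existing result instead of adding one.
      results.get(f.cve).message.text += `, ${f.pkg}@${f.version}`;
    }
  }
  return {
    $schema: "https://json.schemastore.org/sarif-2.1.0.json",
    version: "2.1.0",
    runs: [{
      tool: { driver: { name: "example-scanner", rules: [...rules.values()] } },
      results: [...results.values()],
    }],
  };
}
```

Serialising the returned object with `JSON.stringify` gives the file contents to upload.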
Validation
- npm test
- npm run build